#!/usr/bin/env bash
wget -c https://artifacts.elastic.co/downloads/logstash/logstash-7.15.2-x86_64.rpm
mkdir -p /data/logstash/data
mkdir -p /data/logstash/logs
chown -R logstash:logstash /data/logstash/
sed -i 's%\/var\/lib\/logstash%\/data\/logstash\/data%g' /etc/logstash/logstash.yml
sed -i 's%\/var\/log\/logstash%\/data\/logstash\/logs%g' /etc/logstash/logstash.yml

cat >>/etc/logstash/conf.d/javadirectinput.conf<<EOF
input {
  tcp {
    port => 5044
    codec => json_lines
  }
}
output {
  elasticsearch {
    hosts => ["127.0.0.1:9200"]
  }
}

EOF
firewall-cmd --zone=public --permanent --add-port=5044/tcp
firewall-cmd --reload
sudo systemctl enable logstash
sudo systemctl start logstash



